07:33 Attacking Kubernetes cluster itself, Kubernetes API server 09:01 RBAC 10:58 API Firewall 11:35 NetworkPolicy 13:20 Get access to cluster components, etcd

Hi Ian. Your presentation is clear and I was able to grasp your ideas easily. Thanks. I am also interested in the remaining topics not covered in your presentation - Threat detection, Build Hygiene and SecOps. Could you recommend good articles or videos regarding those topics? Thanks in advance.

Thanks Ian, it's still relevant in 2021 😃

Ian, Thanks so much. Great presentation, and excellent coverage of K8S security best practices.

Hello Ian, Rocking presentation which is clear and easy to understand for newbies .

Nice! Really good presentation with illustrative pictures. Thanks Ian!

Good presentation, thanks man!!

Excellent presentation. Very concise in terms on identifying what are possible areas to secure and how to secure for containerized workload running on Kubernetes.

Thanks for the excellent presentation Ian. Great parallels on Defense In Depth principle where it underpins the logical flow: Network -> Host -> Supply Chain (Application) -> Data vs. a threat model driven by it (layered defense). Also, it's worth pondering on the importance of Infra Code security first (for those orgamisations mature enough to drive everything via code e.g. Terraform, Crossplane, or ClusterAPI) where it's critical on CI/CD/Progressive Delivery DevSecOps cycle given that it builds entirely on what's being presented.

Very helpful..precise..

Thanks for your presentation

Very good talk

thank you so much

Thanks

👍thanks, even now

Nice topics

awesome

fruitful !